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Top Stories 

• An oil platform explosion at Fieldwood Energy’s Echo Platform, West Delta 105, off the 
coast of Louisiana left 1 person dead and 3 others injured November 20. - WWL 4 New 
Orleans (See item 1) 

• The California Public Utilities Commission imposed a $1.05 million fine to Pacific Gas 
and Electric Company following the exchange of inappropriate email communications 
between the utility and State regulators regarding alleged negotiations of appointing a 
judge to a hearing on utility rates in the San Bruno pipeline explosion case. - KPIX 5 San 
Francisco (See item 3) 

• All schools in the cities of Buffalo and Lackawanna, including suburban districts in 7 other 
towns as well as 7 additional colleges and universities remain closed November 20 for the 
third consecutive day after a winter storm dumped over 5 feet of snow in western New 
York. - Associated Press (See item 17 ) 

• Structural damage of rooftops due to the accumulation of heavy snow prompted an 
evacuation of more than 50 residents from mobile home parks in Cheektowaga and West 
Seneca, New York, and 180 from a Cheektowaga assisted living facility November 20. - 
Associated Press (See item 32) 
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Energy Sector 



1. November 21, WWL 4 New Orleans - (International) 1 dead, 3 hurt in oil platform 
explosion off La. coast. An oil platform explosion at Fieldwood Energy’s Echo 
Platform, West Delta 105, off the coast of Louisiana left 1 person dead and 3 others 
injured November 20. Authorities contained the explosion and continue to investigate 
the incident. 

Source: http://www.usatodav.com/storv/news/nation/2014/ll/20/l-dead-3-hurt-in-oil- 
platform-explosion-off-la-coast/70039166/ 

2. November 21, Jackson Hole Daily - (Wyoming) AmeriGas blaze extinguished. 
Authorities are investigating the source of an explosion and fire at AmeriGas in Teton 
County November 20. Fire crews spent several hours containing the fire and employees 
stated that the blaze occurred following a leak while a truck was refilling underground 
propane tanks. 

Source: http://www.ihnewsandguide.com/iackson hole daily/ameri gas-blaze - 
extinguished/article 4eae92d2-8455-5f47-8570-98998a386717.html 

3. November 20, KPIX 5 San Francisco - (California) PG&E fined $1.05 million over 
backroom negotiations; utility to appeal decision. Pacific Gas and Electric Company 
was issued a $1.05 million fine by the California Public Utilities Commission following 
the exchange of inappropriate email communications between the utility and State 
regulators regarding alleged negotiations of appointing a judge to a hearing on utility 
rates in the San Bruno pipeline explosion case. 

Source: http://sanfrancisco.cbslocal.eom/2014/l 1/20/pge-fined-more-than-l-million- 
over-backroom-negotiations/ 

For another story, see item 20 
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Chemical Industry Sector 

See item 20 



[ Return to top ] 

Nuclear Reactors, Materials, and Waste Sector 

Nothing to report 
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Critical Manufacturing Sector 

4. November 21, Reuters - (National) Toyota Lexus to recall some 2006-2011 models 
due to fuel leaks. Toyota announced that it will recall 422,509 model year 2007-2010 
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Lexus LS and 2006-201 1 GS and IS vehicles due to the potential for fuel to leak near 
the fuel pressure sensor, creating a fire hazard. 

Source: http://www.reuters.com/article/2014/ll/21/us-toyota-recall-lexus- 



idUSKCN0J5 1Q220141 121 



For another story, see item 20 
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Defense Industrial Base Sector 

Nothing to report 
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Financial Services Sector 

5. November 21, Associated Press - (New Jersey) Man admits $20 million Ponzi 
scheme in New Jersey. A Colts Neck man pleaded guilty November 20 to running a 
$20 million Ponzi scheme involving 36 investors that caused investor losses of around 
$12.7 million. 

Source: http://www.msn.com/en-us/news/crime/man-admits-dollar20-million-ponzi- 
scheme-in-new-iersev/ar-BBeVAly 

6. November 20, U.S. Attorney’s Office, Southern District of New York - (International) 

Former corporate executives charged with securities fraud and tax offenses for 
wide-ranging commercial bribery scheme. Federal authorities charged two Coral 
Gables, Florida men who worked as senior executives at Systemax Inc., and its 
subsidiary computer and electronics vendor TigerDirect for allegedly engaging in a 
kickback scheme with an Asia-based group of suppliers that netted the men over $9 
million in kickbacks and benefits. The men were also charged for allegedly concealing 
the illicit income from the Internal Revenue Service. 

Source: http://www.fbi.gov/newvork/press-releases/2014/former-corporate-executives- 

charged-with-securities-fraud-and-tax-offenses-for-wide-ranging-commercial-bribery- 

scheme 

7. November 19, Consumer Financial Protection Bureau - (National) CFPB takes first 
action against ‘buy-here, pay-here’ auto dealer. The Consumer Financial Protection 
Bureau issued a consent order November 19 against Arizona-based used car dealer 
network DriveTime Automotive Group Inc., and its finance company DT Acceptance 
Corporation seeking $8 million in penalties and the reform of several practices for 
allegedly providing inaccurate credit information to credit reporting agencies, engaging 
in excessive or prohibited calls, and other actions that constituted harassment of 
customers. 

Source: http://www.consumerfinance.gov/newsroom/cfpb-takes-first-action-against- 
buy-here-pay-here-auto-dealer/ 



- 3 - 



For another story, see item 25 
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Transportation Systems Sector 

8. November 20, U.S. Department of Labor - (Massachusetts) Workers at Billerica, 
Massachusetts, freight shipping terminal exposed to electrocution, fall, crushing 
and other hazards. Central Transport LLC, a Michigan-based freight shipper, was 
cited November 20 by the Occupational Safety and Health Administration for several 
violations involving the disregard of basic worker safeguards and putting employees at 
risk for possible electrocution, forklift tip-overs, and other dangers at its terminal in 
Billerica, Massachusetts. Proposed fines totaled $330,800. 

Source: 

https://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEA 
SES&p id=27036 

9. November 19, WCNC 36 Charlotte - (North Carolina) Deputy killed when tractor- 
trailer overturns onto patrol car. A portion of Highway 74 in Monroe was closed for 
nearly 9 hours November 19 while authorities investigated a collision that killed a 
Union County Sheriff’s deputy when a semi-truck overturned on top of his patrol car 
along the highway. 

Source: http://www.wfmvnews2.com/story/news/local/2014/ll/19/monroe-sheriff- 
officer-tractor-trailer-accident-crash/19268709/ 

10. November 19, Boston Globe - (Massachusetts) MBTA rail operator hit with 
$804,000 fine. The operator of the Massachusetts Bay Transportation Authority 
commuter rail service, Keolis Commuter Services, was fined $804,000 November 19 
by the transit authority for failing to meet on-time targets and other issues such as 
station and train cleanliness. 

Source: http ://www ■bostonglobe.com/metro/20 14/11/1 9/mbta-fines-keolis-for- 
commuter-rail-delavs/MVGLFikitiNITpOvmVCEtK/story.html 

For another story, see item 32 
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Food and Agriculture Sector 

11. November 21, Associated Press - (Indiana) Hundreds of pigs die from Indianapolis 
crash. About 700 piglets died when a semi-truck hauling about 2,000 hogs overturned 
on Interstate 74 ramp in Indianapolis because the driver was travelling at too high of a 
rate of speed. The onramp was closed for several hours while crews cleared the scene. 
Source: http://www.wsbt.com/news/local/hundreds-of-pigs-die-from-indianapolis- 
crash/29857616 

12. November 20, U.S. Food and Drug Administration - (International) Evershing 
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International Trading issues allergy alert on undeclared milk in Vinacafe Brand 
coffee - Wake Up Weasel Instant Coffee mix 3-in-l. The U.S. Food and Drug 
Administration reported November 20 that Evershing International Trading recalled its 
Vinacafe Brand Wake Up Weasel Instant Coffee mix 3-in-l product due to undeclared 
Sodium Caseinate and soy extract. The product was distributed in the U.S. and Canada, 
and the recall was initiated following label inspections by the Canadian Food 
Inspection Agency. 

Source: http://www.fda.gov/Safety/Recalls/ucm424138.htm 

13. November 20, WTVY 4 Dothan - (Georgia) Georgia grain bin collapses, spilling 
90,000 bushels of corn. About 90,000 bushels of corn spilled from a Calhoun County 
grain bin when it collapsed November 19. The silo was rendered a total loss and two 
additional bins were damaged when they were knocked off their foundation during the 
collapse. 

Source: http://www.wtvv.com/home/headlines/Georgia-Grain-Bin-Collapses-Spilling- 
90000-Bushels-of-Com— 283355941.html 



For another story, see item 20 
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Water and Wastewater Systems Sector 

14. November 21, San Antonio Express-News - (Texas) SAWS crews fixing sewage spill 
on East Side. San Antonio Water System crews contained a sewer spill by constructing 
a temporary bypass pipeline after more than 100,000 gallons of wastewater mixed with 
rainwater into a creekbed when a pipe collapsed near Interstate 10 East in San Antonio 
November 20. Repairs to the pipeline were expected to be completed by November 21. 
Source: http://www.mvsanantonio.com/news/local/article/SAWS-crews-fixing-sewage- 
spill-on-East-Side-5907932.php 

15. November 20, U.S. Environmental Protection Agency - (Ohio) U.S. Clean Water Act 
settlement in Uima, Ohio, to reduce sewage overflows. The U.S. Environmental 
Protection Agency, the U.S. Department of Justice, and the State of Ohio announced a 
settlement with the City of Lima November 20 to resolve claims of untreated sewer 
discharges being released into the Ottawa River. The city will pay a $49,000 penalty 
and will make required changes such as major structural improvements to control 
combined sewer overflows and changes to eliminate overflows from the sanity sewer 
system. 

Source: 

http://vosemite.epa.gOv/opa/admpress.nsf/0/lEE242587B0E5C6D85257D96005393E2 

16. November 20, WVVA 6 Bluefield - (West Virginia) Day 11 of no water for parts of 
Gary, WV. Crews continued work to restore water service November 20 to about 150 
customers in Elbert and Filbert in West Virginia after a line leading to a water tank 
supply broke, leaving residents without water for an eleventh day. 

Source: http://www.wvva.com/story/27444167/2014/ll/20/dav-ll-of-no-water-for- 
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parts-of-gary-wv 



For another story, see item 20 
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Healthcare and Public Health Sector 

See item 32 
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Government Facilities Sector 

17. November 20, Associated Press - (New York) Some Buffalo-area schools closed for 3 
days in row. All Buffalo and Lackawanna-area schools as well as schools in 7 other 
towns, and 7 additional colleges and universities were closed November 20 for the third 
consecutive day after a winter storm dumped over 5 feet of snow in western New York. 
Source: http://newsok.com/some-buffalo-area-schools-closed-for-3-days-in- 
row/article/feed/7 62393 

18. November 20, Reuters - (California) Girl questioned over Yik Yak threat that closed 
California school. Mira Costa High School in southern California reopened November 
20 following a November 18-19 closure due to at least one threatening post on a social 
media service. Police questioned a suspect in connection to the threats which were 
posted November 17. 

Source: http://www.msn.com/en-us/news/crime/girl-questioned-over-vik-yak-threat- 
that-closed-california-school/ar-BBeTDLf 



For additional stories, see items 31 and 32 
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Emergency Services Sector 

19. November 20, DNAinfo.com - (New York) Massive fire guts two Central Park 
medical unit ambulances. A November 20 fire at the E&B Operating Corp parking 
garage in Manhattan Valley damaged the garage, its contents, and destroyed 2 Central 
Park Medical Unit ambulances worth about $300,000. Five firefighters were 
transported to an area hospital with minor injuries. 

Source: http://www.dnainfo.com/new-york/20141 120/manhattan-valley/dozens-of- 
cars-damaged-garage-fire-officials-say 
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Information Technology Sector 
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20. November 21, Securityweek - (International) Siemens fixes critical vulnerabilities in 
WinCC SCADA products. Siemens issued patches for two vulnerabilities in its 
SIMATIC WinCC supervisory control and data acquisition (SCADA) systems, one of 
which could be remotely exploited by an unauthorized attacker. The SIMATIC WinCC 
system is used to monitor and control industrial and infrastructure systems in chemical, 
food and beverage, oil and gas, and water and wastewater applications. 

Source: http://www.securityweek.com/siemens-fixes-critical-vulnerabilities-wincc- 
scada-products 

21. November 21, Softpedia - (International) Persistent XSS flaw fixed in WP Statistics 
plug-in for WordPress. The developers of the WP Statistics plug-in for WordPress 
released version 8.3.1 in order to close a stored cross-site scripting (XSS) vulnerability 
that could allow attackers to execute commands in the administration panel. 

Source: http://news.softpedia.com/news/Persistent-XSS-Flaw-Fixed-in-WP-Statistics- 
Plug-In-for-WordPress-465587.shtml 

22. November 21, The Register - (International) DoubleDirect hackers snaffle fandroid 
and iPhone-strokers’ secrets. Researchers with Zimperium identified a man-in-the- 
middle (MitM) attack technique targeting Android and iOS devices dubbed 
DoubleDirect that can be used by attackers to intercept devices’ traffic to steal 
credentials or deliver malicious payloads that can go on to infect a larger network. The 
researchers have observed the attack being used in the wild and provided a proof of 
concept for the attack method. 

Source: 

http://www.theregister.co.uk/2014/ll/21/hackers snaffling smartphone secrets with r 
edirection attack/ 

23. November 21, Securityweek - (International) WordPress 4.0.1 released to address 
critical XSS, other vulnerabilities. The developers of WordPress released version 
4.0.1 of the content management system, closing a cross-site scripting (XSS) 
vulnerability and eight other security issues. 

Source: http://www.securityweek.com/wordpress-401-released-address-critical-xss- 
other-vulnerabilities 

24. November 20, Securityweek - (International) Multiple vulnerabilities found in 
Hikvision DVR devices. Researchers with Rapid7 identified and reported three 
remotely exploitable vulnerabilities in Hikvision DVR devices that could be used by 
unauthenticated attackers to execute arbitrary code. 

Source: http://www.securityweek.com/multiple-vulnerabilities-found-hikvision-dvr- 
devices 

25. November 20, Securityweek - (International) DDoS attacks over 10 Gbps jump in 
Q3: Verisign. Verisign released their report on distributed denial of service (DDoS) 
attacks for the third quarter (Q3) of 2014 and found that attacks exceeding 10 Gpbs 
grew by 38 percent compared to the second quarter (Q2), representing over 20 percent 
of all DDoS attacks in Q3, among other findings. 
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Source: http://www.securitvweek.com/ddos-attacks-over-10-gbps-iump-q3- 
verisign 

26. November 20, IDG News Service - (International) Governments act against webcam- 
snooping websites. Authorities in the U.S. and U.K. warned users of Internet- 
connected webcams and other video devices to secure their devices by adding 
passwords and changing default passwords after Web sites broadcasting unsecured 
video feeds were identified online. One of the major unsecured feed sites went offline 
November 20 while at least one other was still available. 

Source: http://www.networkworld.com/article/2850833/govemrnents-act- 
against-webcamsnooping-websites.html 

For another story, see item 6 



Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT IS AC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 
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Communications Sector 

Nothing to report 
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Commercial Facilities Sector 

27. November 1, WMAQ 5 Chicago - (Illinois) 4 injured in aerosol explosion at Macy's 
in Chicago's Loop. Four employees were injured November 21 when an aerosol can 
exploded after it was placed too close to a heating element during a cooking 
demonstration at a Macy’s store in Chicago. The store was closed at the time of the 
explosion. 

Source: http://www.nbcchicago.com/news/local/Propane-Chicago-Loop-Iniuries- 
283488831.html 

28. November 21, WHAS 11 Louisville - (Indiana) Building collapses after fire breaks 
out in downtown North Vernon, Ind. A November 21 fire that broke out at a North 
Vernon apartment building caused at least 1 building to collapse and damaged at least 9 
additional structures that house several apartment units and at least 3 businesses. Four 
firefighters were injured and eastbound Highway 50 was closed for several hours while 
crews battled the blaze. 

Source: http://www.whas 1 1 ■com/story/news/local/indiana/2014/1 1/21/fire-north- 
vemon-apartment-building/19331129/ 
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29. November 21, Ithaca Voice - (New York) Laundry room fire fills Best Western in 
Ithaca with smoke. About 100 guests were displaced from a Best Western hotel in 
Ithaca November 20 following a fire that started in a laundry room of the business. 
Crews shut off power to the building after they determined the fire burned through an 
electrical meter posing safety risks to firefighters. 

Source: http://ithacavoice.com/2014/ll/laundry-room-fire-fills-best-westem-ithaca- 
smoke/ 



30. November 21, KDVR 31 Denver - (Colorado) One dead, two hurt in shooting at 
Aurora bar. Police are searching for a gunman who opened fire during an altercation 
inside El Bronco Bar in Aurora November 21 killing one person and injuring two 
others. 

Source: http : //kdvr. com/20 14/11/21 /one-dead-two-hurt-in-shooting-at- aurora-bar/ 

31. November 21, WNEP 16 Scranton - (Pennsylvania) Businesses damaged by fire in 
Schuylkill County. One Frackville business was destroyed and at least two additional 
businesses and several apartment units were damaged when a fire broke out at 
Amberdeen’s Fine Foods and Beverages November 21. The Frackville Public Fibrary 
suffered smoke damage and was closed until November 24 while crews ventilated the 
building. 

Source: http://wnep.com/2014/ll/21/two-businesses-damaged-bv-fire-in-schuylkill- 
county/ 

32. November 20, Associated Press - (New York) Roofs collapse as Buffalo clobbered by 
more snow. More than 50 residents were evacuated from mobile home parks in 
Cheektowaga and West Seneca and about 180 residents were evacuated from a 
Cheektowaga assisted living facility November 20 due to heavy snows that caused the 
structures’ roofs to buckle. The Buffalo Bills rescheduled and relocated its November 
24 football game and schools in the Buffalo area canceled classes November 20 while 
driving bans were in effect and a portion of the New York State Thruway remained 
closed. 

Source: http://abcnews.go.com/US/wireStorv/round-buffalo-braces-wintry- wallop- 
27044077 
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Dams Sector 



Nothing to report 
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Department of Homeland Security (DHS) 

DHS Daily Open Source Infrastructure Report Contact Information 

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] 
summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily 
Open Source Infrastructure Report is archived for 10 days on the Department of Homeland Security Web site: 
http://www.dhs.gov/IPDailyReport 

Contact Information 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS 

Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 

instructions to Get e-mail updates when this information changes . 

Removal from Distribution List: Send mail to support@govdeliverv.com . 



Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert.gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original 
source material. 




- 10 - 




